Splunk
Splunk Enterprise and Cloud Platform searches, saved searches, alerts, jobs, and webhooks
Tools
| Name | Description |
|---|---|
validate_connectionValidate the Splunk token by reading server information. | Validate the Splunk token by reading server information. |
create_search_jobCreate a bounded Splunk search job. Use earliest/latest time to avoid all-time searches. | Create a bounded Splunk search job. Use earliest/latest time to avoid all-time searches. |
get_search_jobGet search job status and dispatch state by SID. | Get search job status and dispatch state by SID. |
get_search_resultsGet transformed search results for a completed or running search job. | Get transformed search results for a completed or running search job. |
list_saved_searchesList saved searches, reports, and alerts in a Splunk namespace. | List saved searches, reports, and alerts in a Splunk namespace. |
get_saved_searchGet one saved search, report, or alert by namespace and name. | Get one saved search, report, or alert by namespace and name. |
dispatch_saved_searchDispatch a saved search by exact namespace/name. Requires explicit confirmation. | Dispatch a saved search by exact namespace/name. Requires explicit confirmation. |
update_saved_searchUpdate selected fields for an exact saved search. Requires explicit confirmation. | Update selected fields for an exact saved search. Requires explicit confirmation. |
list_fired_alertsList fired alert records from Splunk alert history. | List fired alert records from Splunk alert history. |
Triggers
| Name | Description |
|---|---|
alert_webhook_receivedReceive Splunk alert webhook payloads. Configure a Splunk webhook alert action to this trigger URL. | Receive Splunk alert webhook payloads. Configure a Splunk webhook alert action to this trigger URL. |
Quick Start
import { WeavzClient } from '@weavz-io/sdk'
const weavz = new WeavzClient({ apiKey: 'wvz_...' })
const result = await weavz.actions.execute('splunk', 'validate_connection', {
workspaceId: '550e8400-e29b-41d4-a716-446655440000',
integrationAlias: 'splunk',
input: { /* ... */ },
})Related Integrations
Works well with
Frequently Asked Questions
How do I connect Splunk to my app?
Use Weavz Hosted Connect for Custom authentication. Install the SDK, create a connection through the connect portal or API, then execute tools programmatically.
What tools does Splunk support?
Splunk supports 9 tools including Validate Connection, Create Search Job, Get Search Job, Get Search Results, List Saved Searches, and more.
Can I use Splunk with AI agents?
Yes. Add Splunk to an MCP server in Tool Mode or Code Mode. Code Mode provides 3 meta-tools with on-demand API discovery so agents can compose stateful workflows without loading every action schema up front.
Can Splunk be used in stateful agent workflows?
Yes. Agents can combine Splunk tools with Filesystem, State KV, Human Gates, input partials, and other workspace integrations while keeping execution scoped to the selected workspace or end user.
What authentication does Splunk use?
Splunk uses Custom. Weavz stores credentials securely and uses them for authorized action execution.
How much does the Splunk integration cost?
The Splunk integration is included on all Weavz plans including the free tier with 20,000 actions per month. No credit card required.
What triggers does Splunk support?
Splunk supports 1 triggers including Alert Webhook Received.
Connect Splunk in minutes
Get 20,000 free action executions every month. No credit card required.